Token Refresh not working

ORY Hydra
#1

I am using a dart oauth2 library to attempt token refresh. The code grant works and gets a refresh token but I am unable to refresh access tokens using the refresh token and token auth endpoint method : none

Hydra version: v1.7.4

Here is the trace

2020-09-08 02:24:12.025 EDT
time=2020-09-08T06:24:12Z level=info msg=started handling request func=github.com/ory/x/reqlog.(*Middleware).ServeHTTP file=/go/pkg/mod/github.com/ory/[email protected]/reqlog/middleware.go:131 http_request=map[headers:map[accept-encoding:gzip user-agent:Dart/2.9 (dart:io) x-forwarded-for:10.128.0.2 x-forwarded-proto:https x-request-id:5ec8e4e5-ee28-4b55-932e-5944e7c52c8a] host:oauth.confab.im method:POST path:/oauth2/token query:<nil> remote:127.0.0.1:59434 scheme:http]
Error
2020-09-08 02:24:12.057 EDT
time=2020-09-08T06:24:12Z level=debug msg=Got an empty session in toRequest func=github.com/ory/hydra/oauth2.(*SQLData).toRequest file=/home/ory/oauth2/fosite_store_sql.go:181 audience=application service_name= service_version=
Error
2020-09-08 02:24:13.908 EDT
time=2020-09-08T06:24:13Z level=error msg=An error occurred func=github.com/ory/hydra/x.LogError file=/home/ory/x/errors.go:49 audience=application error=map[message:server_error reason: status:Internal Server Error status_code:500 trace:
Error
2020-09-08 02:24:13.908 EDT
github.com/ory/fosite/handler/oauth2.handleRefreshTokenEndpointResponseStorageError.func1
Error
2020-09-08 02:24:13.908 EDT
/go/pkg/mod/github.com/ory/[email protected]/handler/oauth2/flow_refresh.go:176
Error
2020-09-08 02:24:13.908 EDT
github.com/ory/fosite/handler/oauth2.handleRefreshTokenEndpointResponseStorageError
Error
2020-09-08 02:24:13.908 EDT
/go/pkg/mod/github.com/ory/[email protected]/handler/oauth2/flow_refresh.go:193
Error
2020-09-08 02:24:13.908 EDT
github.com/ory/fosite/handler/oauth2.(*RefreshTokenGrantHandler).PopulateTokenEndpointResponse
Error
2020-09-08 02:24:13.908 EDT
/go/pkg/mod/github.com/ory/[email protected]/handler/oauth2/flow_refresh.go:143
Error
2020-09-08 02:24:13.908 EDT
github.com/ory/fosite.(*Fosite).NewAccessResponse
Error
2020-09-08 02:24:13.908 EDT
/go/pkg/mod/github.com/ory/[email protected]/access_response_writer.go:36
Error
2020-09-08 02:24:13.908 EDT
github.com/ory/hydra/oauth2.(*Handler).TokenHandler
Error
2020-09-08 02:24:13.908 EDT
/home/ory/oauth2/handler.go:588
Error
2020-09-08 02:24:13.908 EDT
net/http.HandlerFunc.ServeHTTP
Error
2020-09-08 02:24:13.908 EDT
/usr/local/go/src/net/http/server.go:2041
2020-09-08 02:24:13.908 EDT
github.com/rs/cors.(*Cors).Handler.func1
Error
2020-09-08 02:24:13.908 EDT
/go/pkg/mod/github.com/rs/[email protected]/cors.go:207
Error
2020-09-08 02:24:13.908 EDT
net/http.HandlerFunc.ServeHTTP

Using postman

Screenshot from 2020-09-08 02-51-29
Screenshot from 2020-09-08 02-51-291561×1029 64.7 KB

2020-09-08 02:49:22.898 EDT
time=2020-09-08T06:49:22Z level=info msg=started handling request func=github.com/ory/x/reqlog.(*Middleware).ServeHTTP file=/go/pkg/mod/github.com/ory/[email protected]/reqlog/middleware.go:131 http_request=map[headers:map[accept:application/json accept-encoding:gzip, deflate cache-control:no-cache origin:https://app.confab.im user-agent:PostmanRuntime/7.1.1 x-forwarded-for:10.128.0.6 x-forwarded-proto:https x-request-id:754338da-5849-46a2-8588-0ba789c10857] host:oauth.confab.im method:POST path:/oauth2/token query:<nil> remote:127.0.0.1:41690 scheme:http]
Error
2020-09-08 02:49:22.908 EDT
time=2020-09-08T06:49:22Z level=debug msg=Got an empty session in toRequest func=github.com/ory/hydra/oauth2.(*SQLData).toRequest file=/home/ory/oauth2/fosite_store_sql.go:181 audience=application service_name= service_version=
Error
2020-09-08 02:49:27.911 EDT
time=2020-09-08T06:49:27Z level=error msg=An error occurred func=github.com/ory/hydra/x.LogError file=/home/ory/x/errors.go:49 audience=application error=map[message:server_error reason: status:Internal Server Error status_code:500 trace:
Error
2020-09-08 02:49:27.911 EDT
github.com/ory/fosite/handler/oauth2.handleRefreshTokenEndpointResponseStorageError.func1
... same stacktrace

Sanity check log

2020-09-08 03:00:51.822 EDT
Thank you for using ORY Hydra v1.7.4!

This makes the user experience bad because users are kicked out of sessions and have to wait for a few un-expected redirects where a code grant is performed to give them a new token.

#2

Extending the timeout duration to 30 seconds does not help. So this is also a bug because hydra does not return error feedback when it encounters level=debug msg=Got an empty session in toRequest and the server is forced to terminate the request.

#3

Please open a bug report on GitHub with a reproducible demo, thank you!